<?php
	DEFINE('H1', 'Testing Database Updater');
	DEFINE('TITLE','Testing Database Updater');
	require('includes/header.php');
	require_once('db/DBparms.php');
	require_once('includes/select.class');
	require_once('includes/security.php');
?>	
	<h2><?PHP echo H1 ?></h2>

<?php
	if(!isset($_POST['submit'])) {
	
		echo"<form method=\"post\" action=\"databaseupdater.php\">";

		$mysqli = new mysqli(DBHOST, DBUSER, DBPWD, "appl");
		
		$result = $mysqli->query("Select id, username from users");
		
		echo "Returned " . $result->num_rows . " rows.<br />";
		
		$users = new Select();
		$users->setLabel('Users');
		$users->setName('users_sel');
		
		for($i = 0; $i < $result->num_rows; $i++)
		{
			$row = $result->fetch_object();
	//		wrt("ID: " . $row->id . " Username: " . $row->username);
	
			$users->setOption(new Option($row->id, $row->username));
		}
		
		$users->render();
		
		echo"<br /><br />";
		echo"<input type=\"submit\" name=\"submit\" value=\"Submit\" />";
		echo"</form>";
		
	} else {
		
		if(!isset($_POST['update'])) {
		
		$mysqli = new  mysqli(DBHOST, DBUSER, DBPWD, "appl");
		if($mysqli === false) {
			die("Error: Could not connect to database . " . mysqli_connect_error());
		}
		
		$id = $_POST['users_sel'];
		$result = $mysqli->query("SELECT id, username, fname, lname, email, security_token, date_last_accessed, date_expires FROM users 
					WHERE id = '$id'");					
		$row = $result->fetch_object();
		
		
		$username = $row->username;
		$fname = $row->fname;
		$lname = $row->lname;
		$email = $row->email;
		$expire = $row->date_expires;
		$date = $row->date_last_accessed;
		
		$SUflag = ($row->security_token & S_SU)? "checked":"";
		$ANAflag = ($row->security_token & S_ANA)? "checked":"";
		$ENABLEDflag = ($row->security_token & S_ENABLED)? "checked":"";
		$FACflag = ($row->security_token & S_FAC)? "checked":"";
		$ADMflag = ($row->security_token & S_ADM)? "checked":"";
		$USERflag = ($row->security_token & S_USER)? "checked":"";

		
?>
		<form method="post" action="databaseupdater.php">
		<input type="hidden" name="id" value="<?php echo $id ?>" />
		<table border="1" width="90%">
			<tr>
				<td>
<?php
	echo "Username: " . $username . "<br />";
	echo "Date Last Accessed: " . $date . "<br /><br />";

?>
			First name: <input type="text" name="fname" value="<?php echo $fname ?>" /> <br />
			Last name: <input type="text" name="lname" value="<?php echo $lname ?>" /> <br /> <br />
			
			Email: <input type="text" name="email" value="<?php echo $email ?>" size="40" /> <br /><br />
			
			New password: <input type="text" name="pwd1" value="" /><br />
			Confirm password:  <input type="text" name="pwd2" value="" /><br /><br />
			
			Expiration date:  <input type="text" name="exp" value="<?php echo $expire ?>" /><br /><br />
			
		</td>
		<td valign="top"><br />
		<input type="checkbox" name="check" id="user" <?php echo $USERflag ?> />User<br />
		<input type="checkbox" name="check" id="enable" <?php echo $ENABLEDflag ?> />Enabled<br />
		<input type="checkbox" name="check" id="fac" <?php echo $FACflag ?> />Faciliator<br />
		<input type="checkbox" name="check" id="ana" <?php echo $ANAflag ?> />Analyst<br />
		<input type="checkbox" name="check" id="adm" <?php echo $ADMflag ?> />Admin<br />
		<input type="checkbox" name="check" id="su" <?php echo $SUflag ?> />Super User<br />
		

		</td>
	</tr>
	<tr>
		<td align="center" colspan="2">
			<input type="submit" name="update" value="Update User Information" />
			</form>
		</td>
	</tr>
</table>



<?php
		
		} 
		else {
		
		$id = $POST_['id'];
		$fname = $POST_['fname'];
		
		
			$updt = "update users set fname = '$fname' where id = '$id'";
			$result = $mysqli->query($updt) or die(mysql_error());

		echo "Database Updated. Fname set to $fname.";
		
		}
		
		
	}
		
	
?>

<?php
	require('includes/footer.php');
?>